Although some officials are downplaying the impact of the WannaCry ransomware outbreak in India, it apparently had a big, if not yet clearly defined, impact on some organizations. And even more important, the cyberattack could serve as a wake-up call, jolting the nation into taking cybersecurity more seriously. (See: Is WannaCry the First Nation-State Ransomware?)

"While all the press put the limelight on this attack and how it spread, no one's talking about how this might have been used in the past two months since it was uncovered to gain unauthorized access to some of these networks."

But security sources tell me that about 102 systems at Andhra Pradesh police, Indian banks, manufacturing companies, research labs, colleges, fast-moving consumer goods companies, chartered accountants and in the hospitality industry were impacted.

And independent research by Quick Heal Technologies, a cybersecurity firm, shows that about 48,000 computers in India were infected with the ransomware WannaCry, with most incidents in West Bengal.

Many affected organizations and their managed service partners responded well to the ransomware outbreak, says the senior practitioner of a managed security service provider for large enterprises. Requesting anonymity, he reports that most of the firm's partners took action based on alerts and advisories from CERT and other sources.

"As we analyzed it wasn't a multi-vector attack, it was easy to provide updates and patches on the customer environment," he says.

India's Quick Response to WannaCry

It was good to see India's government agencies as well as organizations in various business sectors respond quickly to the ransomware outbreak. Hopefully, this is a sign of things to come.

"We reached out to all customers across Asia Pacific and deployed additional resources and bandwidth in patching systems as required and upgrading Windows in a phased manner - all done over the weekend," the managed service partner says.

In addition, DSCI, RBI, Kerala Police and MeitY issued timely advisories on the ransomware and action to take. Plus, the Reserve Bank of India directed all banks to not operate on their networks ATM machines running Windows XP - many of the over 200,000 ATMs in the country run on that operating system - unless they are patched for the vulnerability (see: Wannacry Outbreak, Microsoft Issues Emergency XP Patch ).

No security incident in memory has triggered so much prompt action. And that's a good sign.

Where Does the Road End?

Sahir Hidayatullah, CEO of SmokeScreen, points out that while the reponse to WannaCry was encouraging, India still has lots of work to do when it comes to cybersecurity.

"While all the press put the limelight on this attack and how it spread, no one's talking about how this might have been used in the past two months since it was uncovered to gain unauthorized access to some of these networks, which the attacks demonstrate were vulnerable," he says.

Perform frequent technical security audits across all systems and not just focused on compliance.

Despite initial reports, India is still extremely vulnerable to WannaCry. The country still needs to develop a systematic approach to training experts to monitor cyber threats and send alerts. The government and corporations alike need to hire well-trained staff with good data compilation and analytical skills to help in the battle against attackers.

About the Author

Nandikotkur is an award-winning journalist with over 20 years' experience in newspapers, audio-visual media, magazines and research. She has an understanding of technology and business journalism, and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a Group Editor for CIO & Leader, IT Next and CSO Forum.